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REMARKS 

The following remarks are prepared in response to the Office Action mailed 
February 16, 2005. Claims 1-47 are pending in this application, after entry of this 
amendment. 

Claims 1,3, 5-8, 13, 14, 17, 21, 22, 24, 27-29, 34, 38 and 41-44 were rejected under 
35 U.S.C. § 102(e) as being anticipated by Nessett et al (U.S. Patent No. 5,968,176 
hereinafter Nessett). Claims 2, 4, 10, 23, 25, 30, 33 and 35-36 were rejected under 35 U.S.C. 
§ 103(a) as being unpatentable over Nessett in view of Williams (U.S. Patent No. 6,304,973 
hereinafter Williams). Claims 9, 11-12, 15-16, 18-20, 26, 31-32, 37, 39-40 and 45-47 were 
rejected under 35 U.S.C. § 103(a) as being unpatentable over Nessett in view of Wesinger, Jr. 
et al. (U.S. Patent No. 6,052,788 hereinafter Wesinger). Applicant respectfully traverses and 
requests reexamination. 
Rejection Under 35 U.S.C. §102(e) 

Independent Claims 1, 17 and 34 

The rejection of claims 1, 17 and 34 should be withdrawn as Nessett fails to disclose 
all the recitations of claims 1,17 and 34 and therefore does not anticipate these claims. 

Focusing on the specific recitations of claims 1,17 and 34 and the inadequacies of 
Nessett, claims 1 and 34 recite: A secure network comprising "a plurality of network 
bubbles " and claim 17 recites: A secure network comprising "a first and a second network 
bubble ." Paragraph 26 of the present application states that the term "bubble" is intended to 
refer to two or more devices that have unrestricted network access with each other and share 
a common network access policy. 

Nessett discloses Host Group One 600 which consists of a large number of end 
systems 601, 602, 603, ... connected through repeaters (604 and 605) and switches (606 and 
607) to one of two site routers 608 {Nessett, col. 21, Ins. 56-59 and figures 6 and 7). The two 
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switches 606 and 607 are connected to Host Group One 600 through the repeaters 604 and 
605, are capable of performing firewall rule enforcement (Nessett, col. 22, Ins. 8-11). 
Specifically, both the switches connected through the repeaters 604 and 605 to Host Group 
One 600 end systems, as well as the Network Interface Cards (NICs) in these end systems, 
are capable of enforcing node specific policy rules {Nessett, col. 22, Ins. 34-37). The 
advantage demonstrated in this example is that the NICs are responsible for enforcing the 
multilayer firewall policy rule for inbound traffic , while the switches are responsible for 
enforcing it for outbound traffic (Nessett, col. 23, Ins. 35-38). Dividing up the responsibility 
for this enforcement offloads some processing from the Host Group One 600 switches 606 
and 607 (Nessett, col. 23, Ins. 38-40). It does this by relying on the NICs to protect their end 
systems against hostile traffic {Nessett, col. 23, Ins. 40-42). 

On pages 3 and 5 of the office action, the Examiner identified the plurality of network 
bubbles to be Host Group One 600 and Host Group Two 610 (see also figures 6 and 7). 
Applicant asserts that Host Group One 600 and Host Group Two 610 cannot be classified as 
bubbles according to the definition of a bubble as provided in the present application. The 
term bubble requires that the devices within a bubble have unrestricted network access with 
each other. See paragraph 26 of the present application. This feature is not taught or 
disclosed by Nessett. 

Nessett discloses that each end system 601, 602, 603 has a NIC that is used to enforce 
node specific policy rules. The NICs are used to ensure that the source addresses it receives 
are from trusted end systems {Nessett, col. 11, Ins. 54-58). Each end system uses its NIC to 
protect it from other end systems located in the same group. Therefore, each end system does 
not have unrestricted network access with each other as recited in the definition of a bubble. 
Therefore, the end systems in Host Group One 600 and Host Group Two 610 do not have 
unrestricted network access with each other. The claims require that the devices within a 
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bubble having unrestricted network access with each other. This feature is not taught or 
disclosed by Nessett. Accordingly, the rejection of claims 1, 17 and 34 under 35 U.S.C. 
§ 1 02(e) should be withdrawn. 
Rejections Under 35 U.S.C. §103(a) 

Independent Claims 1, 17 and 34 

Combining Williams with Nessett does not teach or suggest a bubble where two or 
more devices have unrestricted network access with each other. Williams permits unsecured 
hosts to be quickly and easily added to the network 10 {Williams, col. 13, Ins. 15-16). These 
unsecured hosts can freely inter-operate with other unsecured hosts without any restriction 
{Williams, col. 13, Ins. 16-18). The two or more devices within a bubble are secured devices 
that have unrestricted network access with each other. Williams does not teach or suggest a 
bubble with two or more secured devices that have unrestricted network access with each 
other. The deficiency of Nessett is not cured by Williams. Therefore, neither Nessett nor 
Williams, solely or in combination, teach or suggest a bubble with two or more secured 
devices that have unrestricted network access with each other. For at least the reasons 
discussed above, Applicant submits that claims 1,17 and 34 are patentably distinct over the 
combination of Nessett and Williams and the rejection under 35 U.S.C. § 103(a) should be 
withdrawn. 

Combining Wesinger with Nessett does not teach or suggest a bubble where two or 
more devices have unrestricted network access with each other. Wesinger discloses a first 
site 101 and a second site 151 {Wesinger, col. 6, Ins. 41-43 and figure 1). The Examiner 
identified the first site 101 to be a first network bubble and the second site 151 to be a second 
network bubble. Figure 1 shows a single network control point connecting the first site 101 
to the second site 151. Wesinger does not disclose that the devices within the first site 101 or 
the second site 151 have unrestricted network access with each other. Therefore, Wesinger 
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fails to teach or suggest a bubble with two or more devices that have unrestricted network 
access with each other. The deficiency of Nessett is not cured by Wesinger. Therefore, 
neither Nessett nor Wesinger, solely or in combination, teach or suggest a bubble with two or 
more devices that have unrestricted network access with each other. For at least the reasons 
discussed above, Applicant submits that claims 1,17 and 34 are patentably distinct over the 
combination of Nessett and Wesinger and the rejection under 35 U.S.C. § 103(a) should be 
withdrawn. 

Dependent Claims 2-16, 18-33 and 35-47 

Claims 2-16 depend from independent claim 1, claims 18-33 depend from 
independent claim 17 and claims 35-47 depend from independent claim 34. All of these 
dependent claims define the secure network with greater particularity and thus further 
distinguish over Nessett, Williams and Wesinger. For these reasons, and for the reasons set 
forth above with respect to independent claims 1,17 and 34, the rejections of these dependent 
claims should be withdrawn. 
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Conclusion 

If there are any questions with regards to this prosecution, or if the Examiner believes 

that a telephone interview will help further the prosecution of the case, he is respectfully 

requested to contact the undersigned attorney at the listed telephone number. 

I hereby certify that this correspondence is Very truly yours, 
being deposited with the United States Postal 

Service as First Class Mail in an envelope SNELL & WILMER L.L.P. 
addressed to the Commissioner for Patents, 
P.O. Box 1450, Alexandria, VA 22313-1450 
on May 16, 2005. 


By: Rachel Carter 


Signature 
Dated: May 16,2005 


Ketan S. Vakil 
Registration No. 43,215 
1920 Main Street, Suite 1200 
Irvine, California 92614-7230 
Telephone: (949) 253-4905 
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